I follow the Wall Street Journal Facebook page and noticed these feeds last weekend and suspiciously validated these updates on Quora and other news websites. The news is true, and WSJ has become the latest in a series of victims over the last few weeks.

Several readers noticed the hack, and it was too late before they captured screenshots of the apparent hacking. W0rm is now claiming to have taken over the user databases of both the Wall Street Journal and Vice.com. While W0rm claims to have also breached the Wall Street Journal’s database, a threat that, given their credibility, has significant merit, the company has not yet made a public statement about the potential breach.

These screenshots (posted by W0rm) appear to show extracted strings from stolen databases with users' credentials.

The screenshots also show the different sensitive columns extracted from the database, such as:

Username, password, email address, login attempts, activity, etc.

At this time, WSJ has not issued any recommendations to its users, even though WSJ was aware of the compromise and immediately started deleting the offending feeds. WSJ also announced that the computing systems for its news graphics were “hacked by outside parties.”

Andrew Komarov, CEO of Intel Crawler, who brought the hack to the attention of the Journal, also confirmed that there is an opportunity to get access to any database on the Wall Street Journal server, a list of over 20 databases hosted on this server.

A myriad of other similar breaches:

Remember the “AP Twitter hack” that started a sell off on Wall Street?

The Dow dropped 100 points within a second, before bouncing back up once it became clear that the AP's account had been compromised. Apparently, hackers had "made repeated attempts to steal the passwords of AP journalists," and ended up with the password to the news wire's main Twitter account.

On another note, the whole security breach follows just days after W0rm claimed responsibility for an attack against a gadget website named CNET, a claim he followed up with an offer to flog off a CNET database supposedly containing one million usernames, passwords, and email addresses. The attack exploited a vulnerability found in CNET's Symfony PHP framework.

Also, W0rm was previously linked to a high-profile hack against the BBC last December. He previously used nicknames including "rev0lver" or "rev", according to El Reg's sources.

The hacker is thought to be primarily financially motivated. He trades stolen databases with other cybercriminals and spammers through underground forums.

Recommended Security Controls:

Although some of the hacks are not fully disclosed, or we don’t have much information about them, it is reasonable to assume that organizations need to enforce these security controls to strengthen their security posture against these threats.

1. Layered approach: Implement a layered approach and have proper policies and processes in place once you have identified the crown jewels in your organization. Considering that data is of utmost importance, protect what is important. Organizations try to protect everything, which is why these attacks easily succeed!